On a Catalyst 6500, we configured a SPAN session with VLAN 300 as a source. We configured the session bi-directional ("both" keyword). We connect a sniffer on the SPAN destination port.
Strangely enough, we only see the traffic from the VRF to the firewall, but not the reverse traffic ! What can be the problem ?
I have a need to capture some traffic but my core 6513's are already using the limit of 2 span sessions. I can't edit any of the sessions either because I want to source traffic from vlans and you can only do one or the other. Is using a VACL with 'switchport capture' on the destination interface an option ? E.g. I want to source traffic from vlan 10,20,30,40 and send the all to interface Gi10/10 ? Is there any caveats ? I dont need to be too granular with the ACL's but just capture all traffic in those vlans.
View 2 Replies View RelatedI'm setting up a montitor session on a NEXUS 7K as below.we are receiving in 150M of data and 0 data going out port 9/25.but port 4/24 shows 300M to the span port?
View 1 Replies View Relatedrsbd7k01-p-vdca(config)# monitor session 2
rsbd7k01-p-vdca(config-monitor)# source vlan ?
<1-3967>
rsbd7k01-p-vdca(config-monitor)# source vlan 1 - 3967
ERROR: vlan 33-3967: Number of source vlans exceeds maximum
rsbd7k01-p-vdca(config-monitor)#
I have configured SPAN session on 2960 switch, source port being a VLAN and destination being one of the fastethernet ports. All I see in the capture is control traffic (HSRP, RIP, Syslog, DNS..etc). However I dont see any real data traffic being captured. Below is how I have SPAN configured..
monitor session 1 source vlan <vlan_id> both
monitor session 1 destination interface fa0/42
I am having difficulties with getting SPAN traffic over my WS-X6704-10GE (CFC).
CISCO7606
ios 12.2(33)SRE6, SUP720-3BXL
Trying to use the span feature, put the commands listed below in and they entered successfully, but the port is not being mirrored.
interface TenGigabitEthernet1/1
description PUBLIC
dampening
mtu 9216
ip address x.x.x.x x.x.x.x
[Code]....
If I monitor a trunkport on the rootbridge in both directions I get Duplicate Multicast Packets on the perticular VLAN. The first guess is, that this is worked as designed and not a IOS Bug (Platform CAT6500 SUP720 IOS 12.2(33)SXI9 ) Until know I only found an old Cisco press link from 2002 with this subject.
View 2 Replies View RelatedI have CISCO catalyst with VLANs (VLAN ID 33, 36, 40-53) configured. I need to configure port mirroring in Switch 3750 for NAC (Network Access Control). I need to Monitor all the VLANs. Here is the SPAN configuration of switch: [code] Monitor session 1 source vlan 33 , 36 , 40 – 53.Monitor Session 1 destination interface fa 1/0/8 (here I am not able to set encapsulation dot1q ) because the error occurred saying %one or more dest port do not support the encapsulation%.
View 5 Replies View RelatedBeen dealing with a strange problem for several days now. It started out with a problem that I thought was VTP related but ended up being something else. I setup a span port on a 3750 that I am connected to that was mirroring the trunk connection coming into the switch.
Never saw an VTP traffic come across the connection but doing a sh vtp status indicated the traffic was arriving and getting processed. When I found some debug commands (debug sw-lan vtp), I was also able to see the packets go between switches. Seeing this issue concerns me that there is other traffic that isnt showing up during a span session.
I know that doing a span on a switch, especially using a trunk port as a source, isnt a good idea. Since I didnt have a TAP at time, this was my only choice. I have since borrowed a NetOptics TP-CU3 tap from a good friend and was able to confirm the VTP traffic was going across the trunk connection between switches.
All of my 3750's are running 12.2.55.SE.
I have configured Span port on our 4510. We have an application 5view server to monitor trafic connected to G9/17 Since we have changed the network connection from physical Giga port and add a Port-channel instead, we don't see any more trafic from the new Port-channel to G9/17
We have the configuration below on our 4510 :
monitor session 1 source interface Gi4/6
monitor session 1 source interface Po20
monitor session 1 filter vlan 311 - 312 , 375
monitor session 1 destination interface Gi9/17
From the commands show, we don't see the trafic duplication from the source to the destination port :
Port Source
4510-5567#sh int po20
Port-channel20 is up, line protocol is up (connected)
Hardware is EtherChannel, address is 0016.9de2.a818 (bia 0016.9de2.a818)
[Code].....
I have pair of 5596 switches in vPC. One host say "HOST A" is connected to the primary vPC peer and other "HOST B" on secondary vPC peer.Both are in same VLAN 10. Both hosts are vpc orphan ports as their NIC is configured in active/standby mode.I have configured span session on both vPC peers with span source as VLAN 10 in rx mode.Span destination is connected to secondary vPC peer. The issue here is that I am not able to capture the traffic originating from HOST A destined to HOST B which is traversing vPC peer-link.Same issue occurs for the traffic in reverse way and span destination on primary vPC peer. In a nutshell, any traffic which crosses vPC peer-link is not getting captured.
What could be the issue and is there any solution for it. Below mentioned is the span config and relevant interfaces. [code]
Is it possible to configure the span(switch port analyzer) port and restrict it to only listen to ingress and egress of TCP/1433 from the source port?
View 2 Replies View RelatedI tried to clear monitor session on 6500 and keep on getting the following error:
%Another session parameters or permit-list is being configured %Please wait for another configuration to complete.
how i can go about clearing the monitor session.
I tried to clear monitor session on 6500 and keep on getting the following error:
%Another session parameters or permit-list is being configured %Please wait for another configuration to complete.
how i can go about clearing the monitor session.
I have a switch 4948, with version 12.2.31.sga4 ( I dont found bug about monitor session) and we try to made port mirroring with a monitor session from a VLAN and port belong at this VLAN have traffic input and output, but in the destination port, I always see it output traffic..
Global command
Red-127#sh run | in moni
monitor session 1 source vlan 1127
[Code].....
Any step-by-step configuration guide of how to enable DAI on Cisco Catalyst 6500 Series Switches.
View 1 Replies View RelatedI need to configure QoS (voice and video) for Catalyst 6500 series switches with Supervisor 2T modules and DFC4 linecards.
Is this radically different from what we do int he Sup32 and 720s? I was looking at some templates online, such as
[URL]
But I don't see anything for the new Supervisor 2T?
document which explians normal booting sequence in a 6500 Switch running IOS. What I am looking for is in which order the image is loaded in SUP, RP, SP etc
View 1 Replies View RelatedI got problem with wake on LAN software.. The software unable to ON all pc's remotely if sitting under different vlan. Everything is ok if using the same vlan. Below are the network diagram & switch configuration.
Layer 3 switch Intervlan routing configuration
ip forward-protocol udp 7
!
interface Vlan4
description vlan Client-WOL
ip address 172.22.51.253 255.255.254.0
ip access-group Deny_HTTP_Vlan1 in
ip helper-address 172.20.1.246
[code].....
After configured all the switches with the above setting, the software still cannot wake all the pc's using LAN. Base on sniffing, i can't find UDP port usage by the software. Attached here with print screen from wireshark.
1. We now have SupA & SupB in the chassis, due to some mistake we have same IOS version but different feature set on them, although we configured redundancy mode sso, in the "show redundancy" we see Operating Redundancy Mode = rpr due to Software mismat, we now need to fix them as same feature set image, if I use "copy sup-bootdisk0:/xxxx slavesup-bootdisk0:/xxx", then write memory, does this cause any service/network interuption?
Available system uptime = 1 year, 1 week, 4 days, 9 hours, 21 minutes
Switchovers system experienced = 2
Standby failures = 0
Last switchover reason = active unit removed
[code]....
2. We did a failover test with this status, found that if we triggered supervisor failover, all modules will reload thus the services if interupped. How about after we make the Operating Redundancy Mode as sso, will this behaviour shows again? Or a stateful failover will happens, then modules no need reload?
3. We are using OSPF as our L3 routing protocol, after reference to the configuration, nsf should be enabled, we want to ask in the OSPF-domain nsf should be configured in all OSPF-enabled router or only 6500 which have dual-sup?
4. We also found that the interfaces(3 * Gig & 2 * TenG) in Standby supervisor cannot be use even enabled & configured, is it because we are running rpr mode now or will be the same even change to sso? Before customer have some older supervisor in 6500 non-e chassis, and they can use the standby supervisor interfaces as traffic forwarding, they use rpr-plus mode before, how about in sso mode?
"How to display the EOBC error counters in the Catalyst 6500 series switches and a definition of the EOBC interface" document here on support forum stays that The Ethernet Out of Band Channel (EOBC) is a half duplex channel that services many functions, which include the Simple Network Management Protocol (SNMP) and the packets that are destined for the switch.
Previously i were thinking that EoBC used only for SCP and SLP protocol. In addition i found other article (but not on cisco site, heh) where stays that The Results bus is a control plane, while the C (EoBC) bus is more of an "admin plane", thus you will never see data packets (such as CDP, SNMP, etc.) going over the R or C bus.
So there is a big contradiction between those two statements. How to prove one of those and if first one right, what meaned under the packets that are destined for the switch in it? SCP and SLP or other traffic as well?
I am migrating services from SUP720-3B to VS-SUP2T-10G= and moving to a VSS configuration between a pair of Cat6506 distribution layer switches. I need to enable QoS on these switches, primarily to trust dscp and also to prioritise voice traffic. The autoqos feature works for some ports but does not work on port-channel interfaces and port-channel member interfaces. How can I apply the qos settings for these interfaces in line with what auto qos would normally provide. My line cards are as follows:
Civic_6506VSS#sho mod
Mod Ports Card Type Model Serial No.
--- ----- -------------------------------------- ------------------ -----------
1 4 CEF720 4 port 10-Gigabit Ethernet WS-X6704-10GE
[Code].....
The diagram below is the configuration we are looking to deploy, that way because we do not have VSS on the 6500 switches so we can not create only one Etherchannel to the 6500s.Our blades inserted on the UCS chassis have INTEL dual port cards, so they do not support full failover.
Questions I have are.
- Is this my best deployment choice?
- vPC highly depend on the management interface on the Nexus 5000 for the keep alive peer monitoring, so what is going to happen if the vPC brakes due to:
- one of the 6500 goes down
- STP?
- What is going to happend with the Etherchannels on the remaining 6500?
- the Management interface goes down for any other reason
- which one is going to be the primary NEXUS?
Below is the list of devices involved and the configuration for the Nexus 5000 and 65000.
Devices
· 2 Cisco Catalyst with two WS-SUP720-3B each (no VSS)
· 2 Cisco Nexus 5010
· 2 Cisco UCS 6120xp
· 2 UCS Chassis
- 4 Cisco B200-M1 blades (2 each chassis)
- Dual 10Gb Intel card (1 per blade)
vPC Configuration on Nexus 5000
TACSWN01
TACSWN02
feature vpc
vpc domain 5
reload restore
reload restore delay 300
[code]...
Catalyst 4500 or 6500 VSS Capabilities?
View 6 Replies View RelatedIts possible FTTx on a 6500 ?
View 2 Replies View Related one of the most widely deployed switches in the world. The "Swiss Army knife of network", can do routing, switching, security, wireless and almost everything that you would want your core switch to do. Remember to use the rating system to let Akshay know if you have received an adequate response.
Akshay might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Network Infrastructure sub-community LAN, Switching and Routing discussion forum shortly after the event. This event lasts through July 27, 2012. Visit this forum often to view responses to your questions and the questions of other community members.
how to identify which modules are supported by cisco catalyst 6500. is there any OID which can give us the information
View 2 Replies View RelatedI want to know what is this process used for on a catalyst 6500 ? we have got following message in the crash file, probably due to CSCsv77354
Jun 30 16:06:47.099 UAE: %SYS-6-STACKLOW: Stack for process ACE HAPI running low, 0/6000
cisco WS-C6509-E Core switch with IOS "s72033-ipservicesk9_wan-mz.122-18.SXF11"
i have 2 question
Q.1 i want to upgrade this switch what is the latest IOS ver. supported by this module ?
Q.2 i need to enable http server on this switch when i run this comman it's accsebt but i cant get http work
Is it possible to issue eigrp leaking routes on catalyst 6500 running IOS 12.2-33SXI9 on gigabitethernet interfaces? or is there another way to acomplish this?
View 10 Replies View RelatedI has a issue about etherchannel beetwen 02 Catalyst 6500 switch, i need your comment about it. if you had any similar experience:
1.- On Catalyst Switch 6500-1: I configured interface port-channel 4 and associated it to G6/29 and G6/30 interface Port-channel4description IUU1_Gn1_HLIMSGSN01_Port_channel_6_29_6_30switchportswitchport trunk encapsulation dot1qswitchport trunk allowed vlan 406,408switchport mode trunkswitchport nonegotiatelogging event link-statusload-interval 30mls qos vlan-basedmls qos trust dscp!
2.- On Catalyst Switch 6500-2: I configured interface port-channel 4 and associated it to G6/29 and G6/30
interface Port-channel4
description IUU2_Gn2_HLIMSGSN01_Port_channel_6_29_6_30
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 407,409
[code]....
and i see output "show interface Po4A" up up on switch-1, "show interface Po4B" up up on switch-2
5.- In the show running-config not appear configured Po4A and Po4B. it only show on outputs
6.- Po4A and Po4 was not configured on neither switches, my question is why appear Po4A and Po4B on switch-1 and switch-2 respectively? and why Po4 appear in down down.
7.- I solved this issue by shutdown and not shutdown to the interfaces on both routers, currently all is OK.
We are getting log messages like
%EARL-DFC4-4-NF_USAGE: Current Netflow Table Utilization is 95%
%EARL-DFC4-4-NF_USAGE: Current Netflow Table Utilization is 99%
What this messages really means and how to get rid of these messages. We are using IOS version 12.2(33)SXJ in Catalyst 6500.
I understand that my questions seems to be rather strange cos supervisors is rather old (Sup1A especially). But i am interested in understanding what puprpose were in production SUP32. I cant find out enough differencies between Sup1A with MSFC2 and Sup32 to understand what reasons lead to deploying new sup in none fabric supervisor series.
Both supervisors have same perfomance - 15Mpps and have limitation on backplane bandwith of 32 Gbps (cos both use swithing bus), both supervisors equipped with MSFC2 and etc. Differencies i found:
SUP 32 have 10Gbe ports support (but this seems to be doubtful enhancement - with it perfomance GE ports seems to be more appropriate technology isnt it?) SUP1A equipped with PFC, SUP32 with PFC3BSUP32 deploys CEF (what is benefit of CEF if perfomance same?)
